package com.jxthxr.monitor.config;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
/**
 * @Author silence.Z
 * @Date 2022/6/10 10:59
 * @PackageName:com.jxthxr.monitor.config
 * @ClassName: WebSecurityConfigurer
 * @Description: TODO
 * @Version 1.0
 */

@Configuration
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
	private final String adminContextPath;

	public WebSecurityConfigurer(AdminServerProperties adminServerProperties) {
		this.adminContextPath = adminServerProperties.getContextPath();
	}

	protected void configure(HttpSecurity http) throws Exception {
		SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
		successHandler.setTargetUrlParameter("redirectTo");
		successHandler.setDefaultTargetUrl(this.adminContextPath + "/");
		((HttpSecurity)((HttpSecurity)((HttpSecurity)((FormLoginConfigurer)((HttpSecurity)((AuthorizedUrl)((AuthorizedUrl)((HttpSecurity)http.headers().frameOptions().disable().and()).authorizeRequests().antMatchers(new String[]{this.adminContextPath + "/assets/**", this.adminContextPath + "/login", this.adminContextPath + "/actuator/**", this.adminContextPath + "/instances/**"})).permitAll().anyRequest()).authenticated().and()).formLogin().loginPage(this.adminContextPath + "/login").successHandler(successHandler)).and()).logout().logoutUrl(this.adminContextPath + "/logout").and()).httpBasic().and()).csrf().disable();
	}
}
